Disección de amenazas en entornos de nube

•Download as PPTX, PDF•

0 likes•122 views

Esta presentación describe la naturaleza de las ciberamenazas modernas y cómo afectan la transición de la empresa a la infraestructura de la nube. Más específicamente, las suposiciones sobre la seguridad de la infraestructura en la nube que serán desafiadas y reexaminadas desde la perspectiva de un atacante, y se explorarán los puntos débiles de la nube. Esta presentación debe dar una perspectiva a las organizaciones con respecto a algunos de los puntos clave de debilidad en su nube, y qué se puede hacer para mitigar las amenazas que apuntan a estas debilidades en el futuro.

Technology

Clouds Ahead:
Dissecting Threats in Cloud Enviroments
Forrest Williams – Red Team Engineer

Agenda
• Red Teaming?
• Attack Walkthrough
• Post Mortem
• Takeaways

Red Team
Provides adversarial simulation services
and allows customers to test their
organization’s ability to detect and
respond to targeted attacks

Steal Intellectual Property
Steal Customer Data – PII, PCI, HIPAA
Tarnish Reputation
Steal Money
Stepping Stone

Recap #1
Used phishing to gain
initial foothold in the
network
1
Performed internal
reconnaissance2
Used local account to move
laterally and compromise IT
machines
3
Stolen domain admin
credentials and
compromise DevOps
workstation
4
Used SSH keys from
DevOps workstation to pivot
to the AWS environment
5

Attacker C2 Server Developer
Workstation

Cloud (In)Security
If your security sucks now, you will be
pleasantly surprised by the lack of
change when you move to the cloud.
— CHRIS HOFF

http://169.254.169.254/latest/meta-data/
http://169.254.169.254/computeMetadata/v1
http://metadata.google.internal/computeMetadata/v1/
http://169.254.169.254/metadata/v1.json
Others:
Azure, RackSpace/OpenStack

ProxyChains – 3.1 (http://proxychains.sf.net)
{
“Code” : “Success: ,
“LastUpdated” : “2017-04-04T17:16:19Z” ,
“Type” : “AWS – HMAC”
“AccessKeyId” : “AXXXXXXXXXXXXXA” ,
“SecretAccessKey” : “GyXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXOV” ,
“Token” :
“FQoDi…………………………………………………………………………………=“,
“Expiration” : “2017-04-04T23:44:14Z”
}
aws.json (END)

Attack Walkthrough
s
Recap #2
Went from a single user
clicking a phishing email…

Attack Walkthrough
s
…to complete takeover of the entire company.

• Allowing Local Admin on Workstations
• Irreversible First
• Unmanaged SSH Keys
• Not Removing (and Revoking!)
Unused Privilages
• Not Taking “Least Privileged”
Approach – API Keys

Join Alert Logic Chief Strategy Officer and Co-Founder Misha Govshteyn as he presents his predictions for the state of cloud security in 2016, including: -The rise of cloud adoption and how businesses will approach the cloud -What the threat landscape for cloud environments will look like -How data and analytics will evolve to meet cloud adoption ...and more. You’ll get a clear view of what expert security researchers are expecting in the coming year for organizations like yours who are leveraging the power of cloud infrastructure. See the accompanying webinar here: https://www.alertlogic.com/resources/webinars/top-5-cloud-security-predictions-for-2016/

Stopping zero day threats

Zscaler

Companies are struggling to deal with the unstoppable growth of cyber-attacks as hackers get faster, sneakier and more creative. The bad news is - no company is immune, no matter how big or small you are. Without a proper understanding of zero-day threats, companies have no way of exposing the gaps of overhyped security solutions. Zero-day exploit leaves NO opportunity for detection. This presentation will highlight critical insights combating zero-day threats.

Safeguard your enterprise against ransomware

Quick Heal Technologies Ltd.

Emerging Threats and Strategies of Defense

Alert Logic

This document summarizes emerging threats and strategies for defense. It discusses recent data breaches and malware trends seen in honeypot findings. Common attack vectors and types of malware are outlined. The importance of defense in depth is emphasized using tools like firewalls, intrusion detection, encryption, and threat intelligence. Social media, forums, and open source intelligence are recommended for monitoring the adversary.

Journey to the Cloud: Securing Your AWS Applications - April 2015

Alert Logic

James Brown, Director of Cloud Computing & Security Architecture, Alert Logic covers: • The shared security model: what security you are responsible for to protect your content, applications, systems and networks vs AWS. • Overview of the OWASP Top 10 most critical web application security risks (such as SQL injections) • Best practices for how to protect your environment from the latest threats

Ransomware webinar may 2016 final version external

Zscaler

This document discusses the history and evolution of ransomware. It notes that while ransomware attacks have occurred for over a decade, they have increased significantly in recent years due to the money that can be made. It describes how CryptoLocker in 2013 collected $27 million in just 3 months. CryptoLocker was shut down by Operation Tovar in 2014, but spawned copycats like CryptoWall, one of the most successful ransomware strains. More recent variants like Locky in 2016 have also seen success. The document warns that ransomware authors are getting more sophisticated and business-savvy in their methods. It suggests ransomware is likely to continue evolving and poses an ongoing threat.

LIFT OFF 2017: Ransomware and IR Overview

Robert Herjavec

This document summarizes a presentation about extending network visibility in Azure using Microsoft, Gigamon, and Fidelis. It discusses Azure Virtual Network TAP, Gigamon Cloud for aggregating and distributing traffic in Azure, and how Fidelis Network can be used for threat detection, content inspection, and automated response. The integration of these solutions provides security and operations teams visibility into network traffic across Azure environments to more effectively monitor for threats and inspect content.

Ransomware Detection: Don’t Pay Up. Backup.

marketingunitrends

#ALSummit: Live Cyber Hack Demonstration

Alert Logic

LIFT OFF 2017: AWS and Cloud Computing

Robert Herjavec

Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?

michaelbasoah

Dr. Amit Sinha is an experienced leader in security and wireless technologies. The document discusses the need to upgrade appliance-based security solutions from 1024-bit to 2048-bit SSL encryption by December 31, 2013 due to increased performance demands. Traditional appliances may struggle to support 2048-bit SSL interception and encryption. Zscaler's direct-to-cloud network is already upgraded to 2048-bit SSL to securely enable mobile and distributed workforces without hardware or software upgrades.

Data Center Server security

xband

McAfee provides server security solutions to address common customer challenges around securing physical, virtual, and cloud servers. Their solutions help customers discover all server workloads, protect from unknown threats through application control and integrity monitoring, and minimize performance impact while maintaining security. McAfee offers a comprehensive server security portfolio that can be managed from a single console to reduce security management complexity.

Cyber security fundamentals

Cloudflare

The document discusses cyber security fundamentals and challenges, describing how Cloudflare provides security solutions like DDoS mitigation, bot management, and web application firewalls to protect websites and applications from threats. It explains common security threats like DDoS attacks, bots, and vulnerabilities and how Cloudflare uses a global network and machine learning to detect and block attacks while ensuring high performance and availability.

Cyber Security 101

Cloudflare

Are you aware of the current security threats to your business? Are you prepared to handle the next big DDoS attack? What can you do to be prepared? At Cloudflare, we want to share our unique position — with more than 14 million domains interacting with 175 data centres worldwide, we can draw unparalleled insights into attack trends and what these attacks look like. Join this webinar and learn: - Three factors that we see are leading customers to a growing exposure to security threats - The business impact and potential costs of security threats - Threat mitigation strategies against volumetric layer 3/4 attacks, intelligent Layer 7 attacks, and bots

Talos threat-intelligence

xband

Talos is Cisco's threat intelligence organization comprised of security experts across five key areas: detection research, threat intelligence, engine development, vulnerability research, and outreach. Talos tracks threats across networks, endpoints, email, web, and cloud environments to provide comprehensive threat intelligence. Talos intelligence is used across Cisco security products and feeds to provide customers with superior protection.

Advanced Threat Defense Intel Security

xband

McAfee Advanced Threat Defense is a comprehensive solution that uses dynamic analysis, static code analysis, and machine learning to detect advanced malware. It analyzes malware behavior in real-time using emulation and deploys centrally to provide high detection accuracy and lower costs compared to other solutions. The solution integrates with other McAfee products to form a coordinated defense that rapidly shares threat intelligence across the enterprise to immediately block threats.

Ransomware Has Evolved And So Should Your Company

Veriato

Ransomware is typically initiated via phishing or social engineering tactics, these attacks often take advantage of human error for the successful delivery of the malware. These criminal organizations are impartial to the size of your organization. They target any company with data, and if you don't pay the ransom, your information could be posted to a public forum or sold on the Dark Web for profit. Most companies unfortunately are forced to pay due to system failure and file corruption. The scariest about these methods is that the Ransomware doesn't need to be developed by the attackers. Ransomware services can now be purchased on the DarkWeb and used at the Cybercriminal's will (RAAS). As these Ransomware attacks and services evolve, how can companies arm themselves with the right solutions to defend themselves from these evergrowing attacks? Join us in our latest webinar with Dr. Christine Izuakor (cybersecurity expert) and Jay Godse (head of product dev at Veriato).

Inteligentní ochrana osobních údajů v procesu digitální transformace

MarketingArrowECS_CZ

This document discusses Forcepoint's approach to cybersecurity which focuses on protecting users and data through a human-centric approach. It describes making the perimeter intelligent by analyzing user behavior before and after the perimeter to dynamically adjust security policies based on risk context rather than static policies. This helps empower productivity while reducing risk of data breaches. Two use cases are provided that illustrate how risk-adaptive protection can allow low risk actions while blocking high risk ones, and how dynamic data protection can help organizations move from reactive to proactive security.

NormShield Cyber Threat & Vulnerability Orchestration Overview

NormShield, Inc.

NormShield is at the forefront of orchestrated cyber security operations and reporting, a transformative new category that Gartner calls SOAR. The NormShield cloud platform automates finding vulnerabilities, prioritizes them and provides actionable intelligence. A key differentiation is the company’s combination of advanced automation and human intelligence for reliability unparalleled in the industry. NormShield CISOs receive letter-grade risk scorecards. Their teams manage risk, not data. The results are measurable: informed decisions and swift action that reduces risk as never before possible and at an affordable price.

Infosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges

Skybox Security

Gidi Cohen, CEO of Skybox Security, discusses how risk analytics can help enterprises better understand and defend against cyber attacks. Skybox provides a security management platform that uses network and endpoint visibility combined with analytics to continuously monitor an organization's attack surface and prioritize vulnerabilities. This helps security teams focus remediation efforts, stay compliant with policies, and integrate risk-based insights into their vulnerability management and threat response processes.

The Motives, Means and Methods of Cyber-Adversaries

Kaspersky

This document discusses the motives, means, and methods of cyber adversaries who carry out advanced persistent threats against businesses. It outlines how these actors are motivated to steal innovations, business plans, credentials and more. Their arsenal includes zero-day exploits, malware tools, and stolen digital certificates. Common infiltration techniques involve spear phishing emails, watering hole attacks, and compromising hospitality networks. Recent trends show APT tactics being adopted more broadly while business supply chains, cyber mercenaries, and large botnets pose growing risks. The conclusion urges choosing cybersecurity protection to defend against these persistent threats.

kill-chain-presentation-v3

Shawn Croswell

1) Privileged identity, such as system administrator accounts, is the core enabler of cyber attacks according to security reports. 2) Existing security layers like firewalls and antivirus have been breached in major data breaches involving companies like Target and Home Depot. 3) A new security layer focused on privileged identity management (PIM) is needed to protect privileged accounts and help break the cyber attack kill chain.

Extending Your Network Cloud Security to AWS

Fidelis Cybersecurity

As more organizations implement cloud strategies and technologies, the volume of data being transmitted to and from the cloud increases – data that must be protected. Security monitoring for threats, compromise or data theft within cloud-based applications has been difficult to achieve without the use of VM-based monitoring agents, but this is changing. Fidelis Network® Sensors coupled with Netgate TNSR™ can provide an easy-to-deploy cloud mirror port for traffic visibility, threat detection, and data loss and theft detection. If you currently have AWS-based applications or are considering hosting applications in AWS, watch this recorded webinar to find out how Fidelis and Netgate can support the security of your cloud-based data via a high-speed cloud mirror port. In this webinar, we discuss: - The cloud environment and the state of cloud security today - The technology and the integration capabilities of Netgate TNSR and Fidelis Network - The benefits of deploying Fidelis Network sensors in the cloud no reconfiguring of applications required

GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...

James Anderson

Are Cybersecurity threats increasing? Learn about protecting your business with a security program and understanding ransomware threats. Join us as Google's Biodun Awojobi and Wade Walters join us to discuss "Security Programs and Ransomware in the Cloud." We expect to have additional Cybersecurity events in future to cover security posture, Zero Trust, Google's Cybersecurity products & more! #cybersecurity #ransomware #google #gdg #gdgcloudsouthlake

How to Recover from a Ransomware Disaster

Spanning Cloud Apps

Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...

Kaspersky

For several years now, Kaspersky Lab’s Global Research and Analysis Team (GReAT) has been monitoring more than 60 threat actors responsible for cyber-attacks worldwide. By closely observing these organizations, which appear to be fluent in many languages, including Russian, Chinese, German, Spanish, Arabic and Persian, we have put together a list of what seem to be the emerging threats in the APT world. We think these will play an important role in 2015 and deserve special attention. As a participant of the webinar, you will be the first to hear our detailed analysis of the trends. The webinar was hosted by Costin Raiu, Director of GReAT at Kaspersky Lab, on December 11. “If we can call 2014‘sophisticated’, then the word for 2015 will be ‘elusive’. We believe that APT groups will evolve to become stealthier and sneakier, in order to better avoid exposure. This year we’ve already discovered APT players using several zero-days, and we’ve observed new persistence and stealth techniques. We have used this to develop and deploy several new defense mechanisms for our users,” comments Costin Raiu. Listen to the presentation https://kas.pr/aptwebinar Read the full report https://kas.pr/ksb

Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)

Shah Sheikh

This document provides an overview of cyber security 101 and discusses common myths. It begins with an introduction to cyber security and why it is important given how organizations are connected digitally. It then discusses some major cyber incidents that made headlines in recent years. It also outlines common cyber threats and threat actors. The document also predicts cyber security trends in the coming years. It identifies key industry verticals impacted by cyber threats. Finally, it discusses some common myths around cyber security and emphasizes the importance of going back to cyber security basics.

Ransomware-Recovery-as-a-Service

Sagi Brody

What's hot

Extend Network Visibility and Secure Applications and Data in Azure

Fidelis Cybersecurity

Ransomware Detection: Don’t Pay Up. Backup.

marketingunitrends

#ALSummit: Live Cyber Hack Demonstration

Alert Logic

LIFT OFF 2017: AWS and Cloud Computing

Robert Herjavec

Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?

michaelbasoah

Data Center Server security

xband

Cyber security fundamentals

Cloudflare

Cyber Security 101

Cloudflare

Talos threat-intelligence

xband

Advanced Threat Defense Intel Security

xband

Ransomware Has Evolved And So Should Your Company

Veriato

Inteligentní ochrana osobních údajů v procesu digitální transformace

MarketingArrowECS_CZ

NormShield Cyber Threat & Vulnerability Orchestration Overview

NormShield, Inc.

Infosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges

Skybox Security

The Motives, Means and Methods of Cyber-Adversaries

Kaspersky

kill-chain-presentation-v3

Shawn Croswell

Extending Your Network Cloud Security to AWS

Fidelis Cybersecurity

GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...

James Anderson

How to Recover from a Ransomware Disaster

Spanning Cloud Apps

Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...

Kaspersky

What's hot (20)

Extend Network Visibility and Secure Applications and Data in Azure

Ransomware Detection: Don’t Pay Up. Backup.

#ALSummit: Live Cyber Hack Demonstration

LIFT OFF 2017: AWS and Cloud Computing

Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?

Data Center Server security

Cyber security fundamentals

Cyber Security 101

Talos threat-intelligence

Advanced Threat Defense Intel Security

Ransomware Has Evolved And So Should Your Company

Inteligentní ochrana osobních údajů v procesu digitální transformace

NormShield Cyber Threat & Vulnerability Orchestration Overview

Infosec 2014: Risk Analytics: Using Your Data to Solve Security Challenges

The Motives, Means and Methods of Cyber-Adversaries

kill-chain-presentation-v3

Extending Your Network Cloud Security to AWS

GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...

How to Recover from a Ransomware Disaster

Kaspersky Lab’s Webinar ‘Emerging Threats in the APT World: Predictions for 2...

Similar to Disección de amenazas en entornos de nube

Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)

Shah Sheikh

Ransomware-Recovery-as-a-Service

Sagi Brody

Realities of Security in the Cloud

Alert Logic

The document discusses security challenges in cloud computing and provides an overview of Alert Logic's security solutions. It begins by noting that security is a challenge that has changed with the cloud model introducing shared responsibility. It then provides examples of security services Alert Logic offers across various areas like access management, patching, monitoring, and network threat detection. The document uses an example attack scenario to illustrate how an attacker may perform reconnaissance, exploit vulnerabilities like path traversal and remote file inclusion, extract data through SQL injection, establish command and control through a webshell, and the visibility different parts of Alert Logic's solution would provide at each stage. It argues integrated solutions covering assets, vulnerabilities, network, and application layers are needed for full threat visibility and coverage.

Realities of Security in the Cloud - CSS ATX 2017

Alert Logic

This document discusses security in the cloud and describes Alert Logic's approach to cloud security. It provides an example attack scenario on a classic 3-tier web application and assesses Alert Logic's capabilities in detecting each step of the attack. These include reconnaissance, entry/data exfiltration, command and control, and establishing a persistent foothold. The document outlines how Alert Logic provides asset visibility, network inspection, deep HTTP inspection, and integrated security experts to provide deep threat visibility and coverage across the infrastructure.

【HITCON FreeTalk 2021 - SolarWinds 供應鏈攻擊事件分析】

Hacks in Taiwan (HITCON)

Operational Security Intelligence

Splunk

You have spent a ton of money on your security infrastructure. But how do you string all those things together so you can achieve your goals of reducing time to response, detecting, preventing threats. And most importantly, having your security team serve your business and mission. Learn how to organize your security resources to get the best benefit. See a live demonstration of operationalizing those resources so your security teams can do more for your organization.

Realities of Security in the Cloud

Alert Logic

This document discusses security challenges in the cloud and Alert Logic's approach to addressing them. It begins by outlining various security services needed in the cloud like monitoring, scanning, and access management. It then describes a hypothetical attack scenario against a web application to illustrate how an attacker may progress from reconnaissance to gaining a persistent foothold. It evaluates what security tools would provide visibility into each stage of the attack. The document concludes by describing Alert Logic's integrated security model which combines infrastructure and application threat visibility, security analytics, and human experts to detect threats across cloud, hosted, and on-premises environments.

Big Bang Theory: The Evolution of Pentesting High Security Enviroments IT Def...

Chris Gates

Offensive cyber security engineer pragram course agenda

ShivamSharma909

This document provides an overview of an offensive cyber security engineer training program offered by infosectrain.com. The 120-hour instructor-led online program includes training in ethical hacking, penetration testing, cyber security tools and techniques. It aims to provide students with skills in areas like reconnaissance, scanning, vulnerability analysis, exploitation, post-exploitation, and reporting. The program covers topics such as Active Directory penetration testing, password cracking, and privilege escalation. It includes hands-on labs and prepares students for the EC-Council Certified Ethical Hacker certification exam.

Offensive cyber security engineer updated

InfosecTrain

Offensive cyber security engineer

ShivamSharma909

BSides SG Practical Red Teaming Workshop

Ajay Choudhary

Practical Red Teaming is a hands-on class designed to teach participants with various techniques and tools for performing red teaming attacks. The goal of the training is to give a red teamer’s perspective to participants who want to go beyond VAPT. This intense course immerses students in a simulated enterprise environment, with multiple domains, up-to-date and patched operating systems. We will cover several phases of a Red Team engagement in depth – Local Privilege escalation, Domain Enumeration, Admin Recon, Lateral movement, Domain Admin privileges etc. If you want to learn how to perform Red Team operations, sharpen your red teaming skillset, or understand how to defend against modern attacks, Practical Red Teaming is the course for you. Topics : • Red Team philosophy/overview • Red Teaming vs Penetration Testing • Active Directory Fundamentals – Forests, Domains, OU’s etc • Assume Breach Methodology • Insider Attack Simulation • Introduction to PowerShell • Initial access methods • Privilege escalation methods through abuse of misconfigurations • Domain Enumeration • Lateral Movement and Pivoting • Single sign-on in Active Directory • Abusing built-in functionality for code execution • Credential Replay • Domain privileges abuse • Dumping System and Domain Secrets • Kerberos – Basics and its Fundamentals • Kerberos Attack and Defense (Kerberoasting, Silver ticket, Golden ticket attack etc) https://bsidessg.org/schedule/2019-ajaychoudhary-and-niteshmalviya/

Next-Generation SIEM: Delivered from the Cloud

Alert Logic

This document discusses the evolution of security information and event management (SIEM) systems and the challenges posed by modern threats and hybrid IT environments. It argues that traditional on-premises SIEMs are difficult to implement and maintain effectively. The document then outlines the characteristics of a next-generation, cloud-delivered SIEM that is fully managed, provides unlimited scalability, supports multiple platforms and cloud services, and incorporates continuous threat intelligence and security updates. Alert Logic is presented as an example of such a modern SIEM solution.

Reducing Your Attack Surface and Yuor Role in Cloud Workload Protection

Alert Logic

RIoT (Raiding Internet of Things) by Jacob Holcomb

Priyanka Aash

The recorded version of 'Best Of The World Webcast Series' [Webinar] where Jacob Holcomb speaks on 'RIoT (Raiding Internet of Things)' is available on CISOPlatform. Best Of The World Webcast Series are webinars where breakthrough/original security researchers showcase their study, to offer the CISO/security experts the best insights in information security. For more signup(it's free): www.cisoplatform.com

Compliance made easy. Pass your audits stress-free.

AlgoSec

This document discusses reducing ransomware risks and provides an overview of a webinar on the topic. It begins with a poll asking organizations about their experience with ransomware attacks. It then introduces the speakers and discusses malware trends seen by Cisco Talos, including the continued prevalence of ransomware. The webinar agenda is outlined, covering malware trends, what ransomware is, high-level solutions, and next steps. High-level solutions include blocking malicious traffic, securing email, using endpoint protection, and network segmentation. The presentation encourages education, making lateral movement difficult through segmentation, and having response plans. It concludes with an additional poll and information on following up.

DevSecCon Tel Aviv 2018 - Serverless Security

Avi Shulman

Serverless architectures enable organizations to build and deploy software and services without having to maintain or provision any physical or virtual servers. Applications built using serverless architectures are suitable for a wide range of services, and can scale elastically as cloud workloads grow. From a software development perspective, organisations adopting serverless can focus on core product functionality, and completely disregard the underlying operating system, application server or software runtime environment. In essence, when you develop applications using serverless, you relieve yourself from the daunting task of having to constantly apply security patches for the underlying operating system and application servers – these tasks are now the responsibility of the serverless architecture provider. However, the comfort and elegance of serverless architectures is not without its drawbacks – serverless architectures introduce a new set of security concerns that must be taken into consideration when coming to secure such applications. In this talk, we will present an overview of serverless architectures, the challenge of securing serverless applications, and an overview of the top 10 most common security concerns that developers, DevSecOps and architects should consider when designing and developing such applications. We will also demonstrate a unique CI/CD tool for hardening serverless projects during deployment time.

Presentation for information security & hacking

faizanmalik255119

SOHOpelessly Broken

The Security of Things Forum

@dtmsecurity Mitre ATT&CKcon - Playing Devil's Advocate to Security Initiativ...

DTM Security

This document discusses playing devil's advocate to security initiatives by considering potential weaknesses or unintended consequences. It focuses on using the ATT&CK framework to evaluate command and control techniques, including DNS over HTTPS. The presenter argues that implementing security controls could introduce new attack vectors or fail to address existing threats if not properly analyzed. A demo then shows how an adversary could potentially use DNS over HTTPS for command and control before discussing mitigation strategies.

Similar to Disección de amenazas en entornos de nube (20)

Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)

Ransomware-Recovery-as-a-Service

Realities of Security in the Cloud

Realities of Security in the Cloud - CSS ATX 2017

【HITCON FreeTalk 2021 - SolarWinds 供應鏈攻擊事件分析】

Operational Security Intelligence

Realities of Security in the Cloud

Big Bang Theory: The Evolution of Pentesting High Security Enviroments IT Def...

Offensive cyber security engineer pragram course agenda

Offensive cyber security engineer updated

Offensive cyber security engineer

BSides SG Practical Red Teaming Workshop

Next-Generation SIEM: Delivered from the Cloud

Reducing Your Attack Surface and Yuor Role in Cloud Workload Protection

RIoT (Raiding Internet of Things) by Jacob Holcomb

Compliance made easy. Pass your audits stress-free.

DevSecCon Tel Aviv 2018 - Serverless Security

Presentation for information security & hacking

SOHOpelessly Broken

@dtmsecurity Mitre ATT&CKcon - Playing Devil's Advocate to Security Initiativ...

More from Cristian Garcia G.

Making App Security and Delivery Ridiculously Easy

Disección de amenazas en entornos de nube

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Disección de amenazas en entornos de nube

Similar to Disección de amenazas en entornos de nube (20)

More from Cristian Garcia G.

More from Cristian Garcia G. (20)

Recently uploaded

Recently uploaded (20)

Disección de amenazas en entornos de nube

Editor's Notes